Then, you get a guest account that is made for kiosks:
– only Firefox can access the network
– /home, /tmp and /var/tmp are polyinstantiated
– everything in /home/guest, /tmp and /var/tmp is removed when the session is closed

This is done through a combination of PAM namespaces and SELinux policies, and is obviously configurable.
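
One way to check the PAM namespace half of this setup, as an added example that is not part of the original page: the script parses text in pam_namespace's namespace.conf(5) format and reports which of the three kiosk directories are not polyinstantiated with a throw-away method for the guest user. The sample configuration is constructed, the user name guest and home /home/guest are taken from the list above, and the SELinux side is not covered.

```python
# Constructed sample in namespace.conf(5) syntax; not taken from the page.
SAMPLE_CONF = """\
# polydir  instance_prefix  method  list_of_uids
/tmp       tmpfs            tmpfs   ~guest
/var/tmp   /var/tmp/inst/   level   root,adm
$HOME      tmpfs            tmpfs   ~guest
"""

EPHEMERAL = {"tmpfs", "tmpdir"}  # methods whose instance is discarded at session close


def applies_to(uid_field, user):
    """Field 4: empty = everyone, '~a,b' = only a,b, 'a,b' = everyone except a,b."""
    if not uid_field:
        return True
    if uid_field.startswith("~"):
        return user in uid_field[1:].split(",")
    return user not in uid_field.split(",")


def polyinstantiated_dirs(conf_text, user, home):
    """Map each polydir that applies to `user` to its method (options stripped)."""
    result = {}
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        fields = line.split()
        if len(fields) < 3:
            continue  # blank, comment-only or malformed line
        polydir = fields[0].replace("$HOME", home).replace("$USER", user)
        method = fields[2].split(":", 1)[0]
        uid_field = fields[3] if len(fields) > 3 else ""
        if applies_to(uid_field, user):
            result[polydir.rstrip("/") or "/"] = method
    return result


def audit(conf_text, user, home):
    """Return {dir: problem} for the three kiosk directories; empty dict = OK."""
    found = polyinstantiated_dirs(conf_text, user, home)
    problems = {}
    for d in (home, "/tmp", "/var/tmp"):
        if d not in found:
            problems[d] = "not polyinstantiated for this user"
        elif found[d] not in EPHEMERAL:
            problems[d] = f"method '{found[d]}' leaves the instance on disk"
    return problems
```

On the constructed sample, `audit(SAMPLE_CONF, "guest", "/home/guest")` flags only /var/tmp, because the `level` method keeps a persistent instance directory instead of a per-session one.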